The head of my company is concerned about data leak. In order to strengthen the protection of sensitive data I have to limit ability to copy and print certain files from the employess notebooks.
I thought about using True Crypt so that copied files become encrypted and useless beyond a particular directory. You could work only in the specified directory. The file copied out of directory would become encrypted.

Is it possible at all to do something like that? Maybe you know a better solution than the above theoretical digressions?

Put glue in the USB ports, get rid of the external drives, and disconnect the computers from the network, or at least setup an extremely restrictive firewall. Strip-search everyone entering your building to make sure they don't have a phone/device with a built-in camera.
–
ZoredacheSep 8 '11 at 20:04

The notebook programs and clipboard work with unencrypted information no matter the encryption used on the hard drive. The drive data is unencrypted when fetched for the program and available to print, copy, e-mail, etc.
–
zedman9991Sep 8 '11 at 20:07

Printing: Using group policies, you can disable the right for a user to add a printer, and then publish approved printers for them to use. In this way, a home printer would never get used. Of course, you'd have to not install PDF file creators, or Fax clients...
–
RobWSep 8 '11 at 23:55

1 Answer
1

Take a look at Rights Management Services - it does pretty much what you're aiming for (escrow-like encryption of documents with controlled use, allow view but no print, etc), but the application compatibility (MS's stuff) may not fit your needs.